You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

Attempting to dereference an invalid pointer results in undefined program behavior, typically abnormal program termination. Given this, invalid pointers should not be dereferenced.

Non-compliant Example

In this example, input_str is copied into dynamically allocated memory referenced by str. If malloc() fails, it returns an invalid (null) pointer that is assigned to str. When str is dereferenced in strcpy(), the program behave in an unpredictable manner.

...
size_t size = strlen(input_str);
if (size == SIZE_MAX) {
  /* Handle Error */
}
str = malloc(size+1);
strcpy(str, input_str);
...

Note that in accordance with rule MEM35-C. Ensure that size arguments to memory allocation functions are valid the argument supplied to malloc() is checked to ensure an numeric overflow does not occur.

Compliant Solution

To correct this error, ensure the pointer returned by malloc() is not invalid (null). In addition to this rule, this should be done in accordance with rule MEM32-C. Detect and handle critical memory allocation errors.

...
size_t size = strlen(input_str);
if (size == SIZE_MAX) {
  /* Handle Error */
}
str = malloc(size+1);
if (str == NULL) {
  /* Handle Allocation Error */
}
strcpy(str, input_str);
...

Priority and Level

Dereferencing null pointers typically results in a denial of service condition.

Component

Value

Severity

 

Likelihood

 

Remediation cost

 

Priority

 

Level

 

References

  • No labels